The pandemic fast-tracked the digital transformation plans for 77% of CEOs, accelerating the demand for more technical support and roles. However, a short supply of qualified candidates is turning the developer role into the most challenging hiring sector in tech. This acute need for software engineers, coupled with low resources, is forcing more enterprises to think globally, not locally, when it comes to building their teams.

Businesses are rapidly transitioning to hybrid work arrangements. Sixty-three percent of high-growth companies already use a hybrid work environment and the vast majority of business and IT leaders expect the hybrid model to remain. Hybrid technology teams can lead to several business benefits, such as an increased talent pool and flexible working hours that enable better customer support and operations. However, this model comes with complications and considerations that you need to address upfront.

I’ve led globally distributed enterprises for the past 12 years. The techniques used to run globally distributed teams are the same that you need for running an efficient hybrid technology team, but you must operate under the core principle that everyone works remotely.  In my experience, this falls into two categories:

1. Embrace a cloud-first infrastructure

Teams within a distributed organization need to collaborate on common systems and data. To enable anyone to work from anywhere on any device, it is advised to embrace a cloud-first strategy for your infrastructure, platforms and business systems. This enables anyone with a basic laptop and internet connection to work from anywhere.

For developers, cloud-first technologies remove explicit reliance on local software—a code editor and access to a remote code repository should be all they need to get started. Once the developer is able to access and edit the code, remote pipelines, through services such as Azure DevOps, can support the workflow of building, testing and releasing your code.

The environments required to test and run your code can also be provisioned automatically on cloud infrastructure. For example, a simple code commit to a cloud-hosted code repository from the developer's laptop can trigger the build, deployment to a test environment, execution of automated tests and then deployment to a production environment for end users, all without the need for the developer to directly access any network or servers.

With the systems deployed and available to end users, your operations team needs to understand the health of the system and react to any issues that may occur. Cloud-based technology, such as DataDog, can offer observability of metrics such as performance, memory and application logs to build health checks of the system. These metrics can trigger alerts to warn of errors in real time, meaning the ops team does not need direct access to the infrastructure.

Everything you need to get a developer up and running—a laptop, a code editor and an internet connection—is available on all the public cloud platforms. Enabling the same experience from your own data center is possible, but costly and not advised.

2. Implement a robust security strategy

A remote-first work environment also invites new security challenges and considerations. You need to be even more careful about who can access your systems and apply changes when working in the cloud. You should create a more stringent security policy that includes identity management and zero-trust architecture.

• Identity Management

Most systems have their own user management to define who has access and what they can access within that system, but your security team does not want to be managing users across dozens or hundreds of different systems. Identity management introduces a third-party authentication mechanism that centralizes your user management and manages your access entitlement across all the systems that your business uses. Delegating this to a central platform to create or remove new users can be done in one system and take immediate effect across all systems.

The ultimate comfort of an identity management system is that if a user account becomes compromised or an employee leaves your organization, you can remove user access to all systems with just one click.

• Zero-Trust Strategy

Credential abuse accounted for nearly 90% of web application breaches, and phishing occurred in over a third of all breaches—up from 25% last year. With identity-based attacks rising, a zero-trust architecture is quickly becoming the de facto means of securing your enterprise, environment and IP.

Traditional “onion layer” security approaches grant users access to a network via a VPN and focus on building protection around the system’s perimeters. This model increasingly represents more danger in a remote and cloud-first world. With more access points exposed to the internet, a system’s VPN can become compromised and give unauthorized users free rein to roam and access vulnerable areas and information throughout the network. A zero-trust architecture flips this model on its head by making the identity "the new perimeter" and restricting user access to any resource without explicit permission.

Following the principle of “never trust, always verify,” a zero-trust world operates under the assumption that the network has already been breached. No device, user or application is safe, and every user requires express authorization to access any resource—which an identity management system can then revoke. This approach not only drives a more secure environment but also fosters a culture of increased vigilance that can lead organizations into more proactive security measures, such as DNS authentication for email phishing, security patch tracking and more.

In a distributed enterprise, access and control are key. To meet the needs of today’s hybrid environments, organizations must offer enhanced ease of use and opportunities for collaboration but also install advanced security measures. Adopting cloud-based platforms that streamline workflow and empower engineers to make changes in real time, combined with a rigorous identity-based security mindset, puts you on the path to lead your DevOps team—and the entire organization—confidently and securely into the future.

This article was originally published by Forbes Technology Council.